{"id":34164468,"url":"https://github.com/fatihtokus/scan2html","last_synced_at":"2026-03-09T21:05:39.293Z","repository":{"id":101142290,"uuid":"599788608","full_name":"fatihtokus/scan2html","owner":"fatihtokus","description":"A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.","archived":false,"fork":false,"pushed_at":"2025-12-14T18:50:11.000Z","size":16169,"stargazers_count":119,"open_issues_count":13,"forks_count":13,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-12-18T05:41:45.444Z","etag":null,"topics":["cisa","cisa-kev","cloud","containers","devops","devsecops","epss","iac","misconfiguration","opensource","report","sbom","scan","secops","security","trivy","vulnerability","vulnerability-management"],"latest_commit_sha":null,"homepage":"","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fatihtokus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-02-09T22:04:23.000Z","updated_at":"2025-12-18T04:37:24.000Z","dependencies_parsed_at":"2024-02-06T21:45:29.043Z","dependency_job_id":"84098524-5781-48b3-9f4b-70625e512ad7","html_url":"https://github.com/fatihtokus/scan2html","commit_stats":null,"previous_names":[],"tags_count":86,"template":false,"template_full_name":null,"purl":"pkg:github/fatihtokus/scan2html","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fatihtokus%2Fscan2html","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fatihtokus%2Fscan2html/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fatihtokus%2Fscan2html/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fatihtokus%2Fscan2html/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fatihtokus","download_url":"https://codeload.github.com/fatihtokus/scan2html/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fatihtokus%2Fscan2html/sbom","scorecard":{"id":883857,"data":{"date":"2025-08-17T19:47:24Z","repo":{"name":"github.com/fatihtokus/scan2html","commit":"2e0e5895a2f9136cecea0ccf8c127c49f0213c50"},"scorecard":{"version":"v4.13.1","commit":"49c0eed3a423f00c872b5c3c9f1bbca9e8aae799"},"score":7.1,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#binary-artifacts"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#branch-protection"}},{"name":"CI-Tests","score":9,"reason":"27 out of 29 merged PRs checked by a CI test -- score normalized to 9","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#ci-tests"}},{"name":"CII-Best-Practices","score":5,"reason":"badge detected: passing","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#cii-best-practices"}},{"name":"Code-Review","score":9,"reason":"found 1 unreviewed changesets out of 30 -- score normalized to 9","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#code-review"}},{"name":"Contributors","score":3,"reason":"1 different organizations found -- score normalized to 3","details":["Info: contributors work for t-con"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#contributors"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#dangerous-workflow"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: tool 'Dependabot' is used: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#dependency-update-tool"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no OSSFuzz integration found: Follow the steps in https://github.com/google/oss-fuzz to integrate fuzzing for your project.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no OneFuzz integration found: Follow the steps in https://github.com/microsoft/onefuzz to start fuzzing for your project.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no GoBuiltInFuzzer integration found: Follow the steps in https://go.dev/doc/fuzz/ to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no PythonAtherisFuzzer integration found: Follow the steps in https://github.com/google/atheris to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no CLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no CppLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no SwiftLibFuzzer integration found: Follow the steps in https://google.github.io/oss-fuzz/getting-started/new-project-guide/swift-lang/ to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no RustCargoFuzzer integration found: Follow the steps in https://rust-fuzz.github.io/book/cargo-fuzz.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no JavaJazzerFuzzer integration found: Follow the steps in https://github.com/CodeIntelligenceTesting/jazzer to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no ClusterFuzzLite integration found: Follow the steps in https://github.com/google/clusterfuzzlite to integrate fuzzing as part of CI.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no HaskellPropertyBasedTesting integration found: Use one of the following frameworks to fuzz your project:\nQuickCheck: https://hackage.haskell.org/package/QuickCheck\nhedgehog: https://hedgehog.qa/\nvalidity: https://github.com/NorfairKing/validity\nsmallcheck: https://hackage.haskell.org/package/smallcheck\nhspec: https://hspec.github.io/\ntasty: https://hackage.haskell.org/package/tasty (High effort)","Warn: no TypeScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)","Warn: no JavaScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: License file found in expected location: LICENSE:1","Info: FSF or OSI recognized license: LICENSE:1"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#license"}},{"name":"Maintained","score":10,"reason":"13 commit(s) out of 30 and 6 issue activity out of 30 found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"no published package detected","details":["Warn: no GitHub/GitLab publishing workflow detected"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":9,"reason":"dependency not pinned by hash detected -- score normalized to 9","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-go.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/fatihtokus/scan2html/release-go.yml/main?enable=pin","Info:  22 out of  22 GitHub-owned GitHubAction dependencies pinned","Info:  14 out of  15 third-party GitHubAction dependencies pinned","Info:   1 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Warn: 27 commits out of 30 are checked with a SAST tool","Info: SAST tool detected: CodeQL"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#sast"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#security-policy"}},{"name":"Signed-Releases","score":8,"reason":"5 out of 5 artifacts are signed or have provenance","details":["Warn: release artifact v0.3.22 does not have provenance: https://api.github.com/repos/fatihtokus/scan2html/releases/239882268","Info: signed release artifact: scan2html_0.3.22_checksums.txt.sig: https://api.github.com/repos/fatihtokus/scan2html/releases/assets/282417713","Warn: release artifact v0.3.21 does not have provenance: https://api.github.com/repos/fatihtokus/scan2html/releases/237776791","Info: signed release artifact: scan2html_0.3.21_checksums.txt.sig: https://api.github.com/repos/fatihtokus/scan2html/releases/assets/279654599","Warn: release artifact v0.3.20 does not have provenance: https://api.github.com/repos/fatihtokus/scan2html/releases/234148100","Info: signed release artifact: scan2html_0.3.20_checksums.txt.sig: https://api.github.com/repos/fatihtokus/scan2html/releases/assets/275177459","Warn: release artifact v0.3.19 does not have provenance: https://api.github.com/repos/fatihtokus/scan2html/releases/233300118","Info: signed release artifact: scan2html_0.3.19_checksums.txt.sig: https://api.github.com/repos/fatihtokus/scan2html/releases/assets/273851792","Warn: release artifact v0.3.19-rc.1 does not have provenance: https://api.github.com/repos/fatihtokus/scan2html/releases/228116029","Info: signed release artifact: scan2html_0.3.19-rc.1_checksums.txt.sig: https://api.github.com/repos/fatihtokus/scan2html/releases/assets/267610488"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: topLevel 'contents' permission set to 'read': .github/workflows/check-release-candidate-version.yml:14","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/check-release-candidate-version.yml:21: Verify which permissions are needed and consider whether you can reduce them. (High effort)","Info: topLevel 'contents' permission set to 'read': .github/workflows/check-version.yml:14","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/check-version.yml:21: Verify which permissions are needed and consider whether you can reduce them. (High effort)","Info: topLevel permissions set to 'read-all': .github/workflows/check_frontend.yml:4","Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:24","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:31","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:32","Info: topLevel 'contents' permission set to 'read': .github/workflows/dependency-review.yml:13","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release-candidate.yml:11: Visit https://app.stepsecurity.io/secureworkflow/fatihtokus/scan2html/release-candidate.yml/main?enable=permissions\nTick the 'Restrict permissions for GITHUB_TOKEN'\nUntick other options\nNOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead. (Low effort)","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-candidate.yml:21: Verify which permissions are needed and consider whether you can reduce them. (High effort)","Warn: no topLevel permission defined: .github/workflows/release-go.yml:1: Visit https://app.stepsecurity.io/secureworkflow/fatihtokus/scan2html/release-go.yml/main?enable=permissions\nTick the 'Restrict permissions for GITHUB_TOKEN'\nUntick other options\nNOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead. (Low effort)","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:11: Visit https://app.stepsecurity.io/secureworkflow/fatihtokus/scan2html/release.yml/main?enable=permissions\nTick the 'Restrict permissions for GITHUB_TOKEN'\nUntick other options\nNOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead. (Low effort)","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:21: Verify which permissions are needed and consider whether you can reduce them. (High effort)","Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:18"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#token-permissions"}},{"name":"Vulnerabilities","score":0,"reason":"11 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-x574-m823-4x7w","Warn: Project is vulnerable to: GHSA-4r4m-qw57-chr8","Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x","Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4","Warn: Project is vulnerable to: GHSA-859w-5945-r5v3"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T09:17:56.808Z","repository_id":101142290,"created_at":"2025-08-24T09:17:56.809Z","updated_at":"2025-08-24T09:17:56.809Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30312153,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-09T20:05:46.299Z","status":"ssl_error","status_checked_at":"2026-03-09T19:57:04.425Z","response_time":61,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cisa","cisa-kev","cloud","containers","devops","devsecops","epss","iac","misconfiguration","opensource","report","sbom","scan","secops","security","trivy","vulnerability","vulnerability-management"],"created_at":"2025-12-15T09:52:00.790Z","updated_at":"2026-03-09T21:05:39.281Z","avatar_url":"https://github.com/fatihtokus.png","language":"HTML","readme":"\n# scan2html \n![License: Apache-2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)\n[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/fatihtokus/scan2html/badge)](https://scorecard.dev/viewer/?uri=github.com/fatihtokus/scan2html)\n[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9231/badge)](https://www.bestpractices.dev/projects/9231)\n![GitHub All Releases](https://img.shields.io/github/downloads/fatihtokus/scan2html/total?logo=github)\n![GitHub Latest Release](https://img.shields.io/github/v/release/fatihtokus/scan2html.svg?logo=github) \n\n\n\nBefore moving on, please consider giving us a GitHub star ⭐️. Thank you!\n\n## About scan2html\nA [Trivy](https://github.com/aquasecurity/trivy) plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.\n\nBuilt for teams that care about flexibility, privacy, and control.\n\n---\n\n## Why scan2html\n- 100% open-source (Apache-2.0)\n- No API keys or rate limits\n- Self-contained, data does not leave your system\n- Works with your existing Trivy json scan result files too\n- Easy to integrate into any CI/CD pipeline\n\n---\n\n## Install\n```sh\ntrivy plugin install scan2html\n```\n\n---\n\n## Uninstall\n```sh\ntrivy plugin uninstall scan2html\n```\n\n---\n\n## Usage\n### Generate a report from multiple json scan results\n```sh\ntrivy scan2html generate --scan2html-flags --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json\n```\n\u003cdetails\u003e\n\u003csummary\u003eResult\u003c/summary\u003e\n\n![result](docs/vulnerabilities.png)\n\u003c/details\u003e\n\n### Generate report with EPSS scores from multiple scan results - experimental\n```sh\ntrivy scan2html generate --scan2html-flags --with-epss --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json\n```\n\u003cdetails\u003e\n\u003csummary\u003eResult\u003c/summary\u003e\n\n![result](docs/vulnerabilities.png)\n\u003c/details\u003e\n\n### Scan a local folder\n```sh\ntrivy scan2html fs --scanners vuln,secret,misconfig . --scan2html-flags --output interactive_report.html\n```\n\u003cdetails\u003e\n\u003csummary\u003eResult\u003c/summary\u003e\n\n![result](docs/vulnerabilities.png)\n\u003c/details\u003e\n\n### Scan a k8s cluster\n```sh\ntrivy scan2html k8s cluster --scan2html-flags --output interactive_report.html\n```\n\u003cdetails\u003e\n\u003csummary\u003eResult\u003c/summary\u003e\n\n![result](docs/vulnerabilities.png)\n\u003c/details\u003e\n\n### Scan a k8s cluster all\n```sh\ntrivy scan2html k8s --report=all --scan2html-flags --output interactive_report.html\n```\n\u003cdetails\u003e\n\u003csummary\u003eResult\u003c/summary\u003e\n\n![result](docs/misconfigurations.png)\n\u003c/details\u003e\n\n### Scan a k8s cluster summary\n```sh\ntrivy scan2html k8s --report summary cluster --scan2html-flags --output interactive_report.html\n```\n\u003cdetails\u003e\n\u003csummary\u003eResult\u003c/summary\u003e\n\n![result](docs/k8s-cluster-summary.png)\n\u003c/details\u003e\n\n### Scan and generate SBOM(spdx) report\n```sh\ntrivy scan2html image --format spdx alpine:3.15 --scan2html-flags --output interactive_report.html\n```\n\u003cdetails\u003e\n\u003csummary\u003eResult\u003c/summary\u003e\n\n![result](docs/sbom-alpin.png)\n\u003c/details\u003e\n\n## Help\n```sh\n$ trivy scan2html -h\n\nUsage: trivy scan2html [-h,--help] command target filename\n  trivy scan2html \u003ctrivy [global flags] command [flags] target\u003e --scan2html-flags [scan2html flags]\n  trivy scan2html generate --scan2html-flags [scan2html flags]\n  \nUtility Commands\n  generate    Generate a report from multiple json scan results\n  help        Help about any command\n  version     Print the version\n  \nFlags:\n  -h, --help      Show usage.\n  --output        Report name\n  --report-title  Report Title\n  --with-epss     Include EPSS data\n  --with-exploits Include Exploits\n  --from          Comma separated json scan result files\n  \nExamples:\n   # Scan an image\n  trivy scan2html image --scanners vuln,secret,misconfig,license alpine:latest --scan2html-flags --output interactive_report.html\n\n  # Scan an image from local tar file\n  trivy scan2html image --input ruby-3.1.tar --scan2html-flags --output interactive_report.html\n\n  # Scan a local folder\n  trivy scan2html fs --scanners vuln,secret,misconfig,license . --scan2html-flags --output interactive_report.html\n\n  # Scan a k8s cluster\n  trivy scan2html k8s cluster --scan2html-flags --output interactive_report.html\n\n  # Scan a k8s cluster all\n  trivy scan2html k8s --report=all --scan2html-flags --output interactive_report.html\n\n  # Scan a k8s cluster summary\n  trivy scan2html k8s --report summary cluster --scan2html-flags --output interactive_report.html\n\n  # Scan and generate SBOM(spdx) report\n  trivy scan2html image --format spdx alpine:3.15 --scan2html-flags --output interactive_report.html\n  \n  # Generate a report from multiple json scan results\n  trivy scan2html generate --scan2html-flags --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json\n  \n  # Generate report with EPSS scores from multiple scan results\n  trivy scan2html generate --scan2html-flags --with-epss --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json\n\n  # Generate report with Exploitability from multiple scan results\n  trivy scan2html generate --scan2html-flags --with-exploits --output interactive_report.html --from vulnerabilities.json,misconfigs.json,secrets.json\n\n  # Download EPSS and Exploits data for caching - experimental\n  trivy scan2html --download-all\n\n  # Use cached EPSS and Exploits data  - experimental\n  trivy scan2html image alpine:latest --scan2html-flags --with-cached-epss --with-cached-exploits --output interactive_report.html\n\n\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffatihtokus%2Fscan2html","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffatihtokus%2Fscan2html","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffatihtokus%2Fscan2html/lists"}